You can use properties files to modify or delete security
properties.
Before you begin
Determine the changes that you want to make to your security
configuration.
Start the wsadmin scripting tool. To start wsadmin
using the Jython language, run the wsadmin -lang jython command
from the bin directory of the server profile.
About this task
Using a properties file, you can modify or delete a security
object.
Run administrative commands using wsadmin to change
a properties file for a security object, validate the properties,
and apply them to your configuration.
Table 1. Actions for security properties. You
can modify or delete security properties.
Action |
Procedure |
create |
Not applicable |
modify |
Edit property values in the security properties
file and then run the applyConfigProperties command. |
delete |
Run the deleteConfigProperties command
to delete one or more properties. If a deleted property has a default
value, the property is set to the default value. Otherwise, the deleted
property is removed. |
create Property |
Not applicable |
delete Property |
Not applicable |
Optionally, you can use interactive mode with the commands:
AdminTask.command_name('-interactive')
Procedure
- Modify an existing properties file.
- Obtain a properties file for the Security object that
you want to change.
You can extract a properties file
for a Security object using the extractConfigProperties command.
- Open the properties file in an editor and change the
properties as needed.
Ensure that the environment variables
in the properties file match your system. An example Security properties
file follows:
#
# Header
#
ResourceType=Security
ImplementingResourceType=Security
ResourceId=Cell=!{cellName}:Security=
#
#
#Properties
#
useLocalSecurityServer=true #boolean,default(false)
cacheTimeout=600 #integer,required,default(0)
allowBasicAuth=true #boolean,default(false)
enforceJava2Security=false #boolean,default(false)
activeAuthMechanism=Cell=!{cellName}:Security=:LTPA= #ObjectName(LTPA)
enabled=true #boolean,default(false)
adminPreferredAuthMech=null
enableJava2SecRuntimeFiltering=false #boolean,default(false)
allowAllPermissionForApplication=false #boolean,default(false)
useDomainQualifiedUserNames=false #boolean,default(false)
internalServerId=null
activeUserRegistry= Cell=!{cellName}:Security=:LDAPUserRegistry=type#IBM_DIRECTORY_SERVER #ObjectName(LDAPUserRegistry)
defaultSSLSettings=Cell=!{cellName}:Security=:SSLConfig=alias#CellDefaultSSLSett
ings,managementScope#"Cell=!{cellName}:Security=:ManagementScope=scopeName#"(cell):!{cellName}"" #ObjectName(SSLConfig)
enforceFineGrainedJCASecurity=false #boolean,default(false)
dynamicallyUpdateSSLConfig=true #boolean,default(false)
activeProtocol=BOTH #ENUM(CSI|IBM|BOTH),required,default(IBM)
issuePermissionWarning=true #boolean,default(false)
appEnabled=false #boolean,default(false)
EnvironmentVariablesSection
#Environment Variables
cellName=myCell
- Run the applyConfigProperties command
to create or change a security object.
Running the applyConfigProperties command
applies the properties file to the configuration. In this Jython example,
the optional -reportFileName parameter produces a
report named report.txt:
AdminTask.applyConfigProperties(['-propertiesFileName myObjectType.props -reportFileName report.txt'])
- If you no longer need a property, you can delete the security
property.
To delete one or more properties, specify
only the properties to be deleted in the properties file and then
run the deleteConfigProperties command; for example:
AdminTask.deleteConfigProperties('[-propertiesFileName myObjectType.props -reportFileName report.txt]')
Results
You can use the properties file to configure and manage
the security properties.
What to do next
Save the changes to your configuration.